summary refs log tree commit diff
path: root/synapse/http/__init__.py
diff options
context:
space:
mode:
authorAndrew Morgan <1342360+anoadragon453@users.noreply.github.com>2019-10-03 12:57:26 +0100
committerGitHub <noreply@github.com>2019-10-03 12:57:26 +0100
commit0f46bf5737012bb09b40f8e71c5f6db84125df8f (patch)
tree73642b80baf597a0af489af18a34fd89b3e6fc86 /synapse/http/__init__.py
parent1.4.0rc2 (diff)
downloadsynapse-0f46bf5737012bb09b40f8e71c5f6db84125df8f.tar.xz
Replace client_secret with <redacted> in server logs (#6158)
Replace `client_secret` query parameter values with `<redacted>` in the logs. Prevents a scenario where a MITM of server traffic can horde 3pids on their account.
Diffstat (limited to 'synapse/http/__init__.py')
-rw-r--r--synapse/http/__init__.py6
1 files changed, 4 insertions, 2 deletions
diff --git a/synapse/http/__init__.py b/synapse/http/__init__.py
index 3acf772cd1..3880ce0d94 100644
--- a/synapse/http/__init__.py
+++ b/synapse/http/__init__.py
@@ -42,11 +42,13 @@ def cancelled_to_request_timed_out_error(value, timeout):
 
 
 ACCESS_TOKEN_RE = re.compile(r"(\?.*access(_|%5[Ff])token=)[^&]*(.*)$")
+CLIENT_SECRET_RE = re.compile(r"(\?.*client(_|%5[Ff])secret=)[^&]*(.*)$")
 
 
 def redact_uri(uri):
-    """Strips access tokens from the uri replaces with <redacted>"""
-    return ACCESS_TOKEN_RE.sub(r"\1<redacted>\3", uri)
+    """Strips sensitive information from the uri replaces with <redacted>"""
+    uri = ACCESS_TOKEN_RE.sub(r"\1<redacted>\3", uri)
+    return CLIENT_SECRET_RE.sub(r"\1<redacted>\3", uri)
 
 
 class QuieterFileBodyProducer(FileBodyProducer):